An overlay protection layer against Denial-of-Service attacks

Today Internet is becoming an emerging technology for remote control of industrial applications, where one site needs to control another site remotely (e.g. power plants controllers). Denial-of-Service (DoS) attacks may cause significant disruptions to the Internet which will threaten the operation of such network based control systems. Overlay networks have been proposed to protect Internet application sites by location-hiding technique. This paper analyzes a large domain of previous approaches against this problem. This paper addresses how an interface to an overlay network can be designed such that communication services among geographically distributed application sites are secured against DoS attacks. This paper presents a novel architecture called overlay protection layer (OPL) that proactively protect application sites from DoS attacks. Through simulation this paper shows DoS attacks have a negligible chance to disrupt communications services via the OPL architecture. Even if attackers attack 50% of overlay nodes via a Distributed DoS attack still 75% of communication channels are available.